
General

  • Target: eb3b28c3e78c852f9ac378afc5483e94_JaffaCakes118
  • Size: 1.4MB
  • Sample: 240919-nhyjqswapg
  • MD5: eb3b28c3e78c852f9ac378afc5483e94
  • SHA1: b9b5c6f30977511fcc7afd51fe7a948d89bd0234
  • SHA256: cc2c8bead42e807334275c9b4c42c8f462a1053e4f7e7480119600e377860cfe
  • SHA512: 2fd1da28326570067c87ca6a3ecb08757067d178f0afa80a193e1efc7ac952c51dbed8fea6a5d3648c02c8466e5c616d107a5d21cc254597f3757ceaf7c5eb43
  • SSDEEP: 24576:Ld/uPB7Xe2xqgkJsr8vT5kvggkKK6Fbvvuyoo2wgNkdZpjFzhm:gB7OGNwsIvTMHkKt3uto2NkdZpRVm

Malware Config

Targets

    • Target: eb3b28c3e78c852f9ac378afc5483e94_JaffaCakes118 (the submitted sample; size and hashes as listed under General)

    Score: 3/10
    • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 14KB
    • MD5: d970f6e5200a676ded18b2dfb39a3352
    • SHA1: 1d48fb37758c09f3f2a083a2869143383b68daec
    • SHA256: c2ae27669651fd5d3142e35d3317f46b7b3a9683b49f93ccf575628d55e8a6da
    • SHA512: 86798df839c84e2dae4596f5b210edd18feaf8637ebe7925b7d80015ff321d324da47f129b91fb1c3229cac8d4f45de5758069a3e7cce7c9dd2d19e305131982
    • SSDEEP: 192:s6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTtK72dwF7dBdcQOz:s6JaVh4I5rpPbTt+BdhO

    Score: 3/10
    • Target: $PLUGINSDIR/System.dll
    • Size: 10KB
    • MD5: bf01b2d04e8fad306ba2f364cfc4edfa
    • SHA1: 58f42b45ca9fc1818c4498ecd8bac088d20f2b18
    • SHA256: d3f9c99e0c1c9acd81a1b33bc3dbd305140def90d10485c253cf1d455f0dc903
    • SHA512: 30ca1663d659c5efac7fed3d1aaba81c47d5d5fda77f30f021124c882b858732e17f917bfd0aa3ee7b269fad86e75b1b9388d8f916e7a4e2c9961669f2c772e7
    • SSDEEP: 192:aO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1angMO:vKAFERdlxhGRYUzqZan

    Score: 3/10
    • Target: $TEMP/msearch.exe
    • Size: 58KB
    • MD5: b7e8059927e84385fdf6bc7d73a072e0
    • SHA1: 387b5bd41d1833119b7a936781f561de2bcf9ef8
    • SHA256: bd46c539a3bacd4f40171bc441f0baa9aea1821d539e5b94212efae69931a316
    • SHA512: 3335e7c4e9497b4bd5f6cecd114aa62b11d8ea4fd0fcbfdc013b1af8c5872a5a77c917f7b28891fd6d0c6b789b7677060d14badf1f9794580a2a2969cb68202e
    • SSDEEP: 1536:vUkhxvEP3fMYqM3WPVjyviqoXqtjqENd/avWX9ws3ic:MWM/fMYr3gVwi0tuC/auX9s

    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.
    • Adds Run key to start application
    • Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
    • Installs/modifies Browser Helper Object: BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target: Monkey3.exe
    • Size: 5.3MB
    • MD5: ef499dc8d2d8657e8e9f8b3b3c24a03d
    • SHA1: a14a57d2fa10f1d7a2339d4d3729c46c23698f6e
    • SHA256: f12947453192591cd9764aca45a149700314dafb47eab9a0ee8a13b843122820
    • SHA512: 7ece695f97d23fcc813efeaaa206b05cd4f3c7397a355d5fee96f330be6fcc92ee17cc8922dadfd339dbd0a9923a21323f13bb20dd1100a2aff8b19d85e3c3da
    • SSDEEP: 98304:1rIpLOoxHTIwuWt6BO6cEJ++IrWMyjOp9510YXKMqbhbAh8r5IWd/O1WQfa:1rIpLOodTIwuWt6BO6cEJ++IrVFp63Mu

    Score: 1/10

MITRE ATT&CK Enterprise v15